Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

625 advisories

Loading
In list_key_entries of utils.rs, there is a possible way to disable user credentials due to... Moderate Unreviewed
CVE-2023-21176 was published Jun 28, 2023
A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS... Moderate Unreviewed
CVE-2023-32385 was published Jun 23, 2023
netty-handler SniHandler 16MB allocation Moderate
CVE-2023-34462 was published for io.netty:netty-handler (Maven) Jun 20, 2023
vietj
Credited to vietj
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface... Moderate Unreviewed
CVE-2023-30903 was published Jun 16, 2023
Apache Struts vulnerable to memory exhaustion Moderate
CVE-2023-34149 was published for org.apache.struts:struts2-core (Maven) Jun 14, 2023
An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause a persistent... Moderate Unreviewed
CVE-2023-29767 was published Jun 9, 2023
A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11... Moderate Unreviewed
CVE-2023-0921 was published Jun 6, 2023
In dialer service, there is a possible missing permission check. This could lead to local denial... Moderate Unreviewed
CVE-2022-48441 was published Jun 6, 2023
In dialer service, there is a possible missing permission check. This could lead to local denial... Moderate Unreviewed
CVE-2022-48440 was published Jun 6, 2023
Regular expressions used to filter out forbidden properties and values from style directives in... Moderate Unreviewed
CVE-2023-23603 was published Jun 2, 2023
If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly... Moderate Unreviewed
CVE-2023-0616 was published Jun 2, 2023
An issue found in Wave Animated Keyboard Emoji v.1.70.7 for Android allows a local attacker to... Moderate Unreviewed
CVE-2023-29737 was published May 30, 2023
A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file... Moderate Unreviewed
CVE-2023-33656 was published May 30, 2023
mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty. Moderate Unreviewed
CVE-2023-33720 was published May 26, 2023
Froxlor vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2023-2666 was published for froxlor/froxlor (Composer) May 19, 2023
In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a... Moderate Unreviewed
CVE-2023-20930 was published May 16, 2023
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc. Moderate Unreviewed
CVE-2023-31914 was published May 12, 2023
github.com/ipfs/kubo affected by DOS Bitswap unbounded persistent memory leak Moderate
GHSA-qvqg-6rp8-4p9h was published for github.com/ipfs/kubo (Go) May 11, 2023
Jorropo
Credited to Jorropo
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2023-30408 was published Apr 25, 2023
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2023-30406 was published Apr 25, 2023
Ribose RNP before 0.16.3 may hang when the input is malformed. Moderate Unreviewed
CVE-2023-29479 was published Apr 24, 2023
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src... Moderate Unreviewed
CVE-2023-29570 was published Apr 24, 2023
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. Moderate Unreviewed
CVE-2023-29575 was published Apr 21, 2023
OutOfMemoryError for large multipart without filename in Eclipse Jetty Moderate
CVE-2023-26048 was published for org.eclipse.jetty:jetty-server (Maven) Apr 19, 2023
lachlan-roberts jeffalder
Credited to lachlan-roberts and jeffalder
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep... Moderate Unreviewed
CVE-2023-28968 was published Apr 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database